<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hello,<div class=""><br class=""></div><div class="">I have been looking on CVE at security vulnerabilities for Erlang here : <a href="https://www.cvedetails.com/vulnerability-list/vendor_id-9446/Erlang.html" class="">https://www.cvedetails.com/vulnerability-list/vendor_id-9446/Erlang.html</a> to assess the risks posed to Erlang servers.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">Based on the information on these sites, it seems that Erlang’s OTP 19+ is very “secure” and isn’t vulnerable to any buffer overflow/stack smashing/heap smashing attacks. Would you feel comfortable leaving a open SSL port using no peer certificates on the public internet?</div><div class=""><br class=""></div><div class="">For example, using a gen_server, do you think it is possible to handle all calls/casts/info’s properly without posing a risk to your system? Is there anything you would do special when your system was open to the public internet?</div><div class=""><br class=""></div></body></html>